一种新的基于主机与移动终端协商的电子商务动态验证码

Yang Guangming, Ni Jingyu, Tan Zhenhua
{"title":"一种新的基于主机与移动终端协商的电子商务动态验证码","authors":"Yang Guangming, Ni Jingyu, Tan Zhenhua","doi":"10.1109/ICICTA.2015.21","DOIUrl":null,"url":null,"abstract":"In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.","PeriodicalId":231694,"journal":{"name":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce\",\"authors\":\"Yang Guangming, Ni Jingyu, Tan Zhenhua\",\"doi\":\"10.1109/ICICTA.2015.21\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.\",\"PeriodicalId\":231694,\"journal\":{\"name\":\"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)\",\"volume\":\"29 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICICTA.2015.21\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICTA.2015.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

在电子商务中,特殊商品的供应不能满足用户的需求。许多用户倾向于使用恶意软件来订购稀缺商品,而不是合法的采购流程。为了解决这个问题,电子商务网站的设计者使用CAPTCHA来区分购买请求是人为的还是软件的。它不起作用,因为恶意软件(malware)可以通过特定功能识别各种CAPTCHA。因此,网站试图使用更复杂的验证码来抵御恶意软件,然而,用户也无法识别它。因此,使用CAPTCHA并不是处理鉴别问题的完美方法。本文提出了一种新的动态验证验证码(CAPTCHA),以提高安全性并克服静态认证方案存在的局限性。本系统通过主机与移动终端之间的协商,实现人机识别。安全性分析表明,我们提出的方法可以有效地抵抗已知类型的攻击。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce
In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信